The main job of a Digital Forensics Specialist is to perform recovery and investigation of material found in digital devices. The Digital Forensics Specialist has a technical background and has to be able to apply knowledge of computer forensic principles in the identification and collection of digital evidence.


Objective

The Digital Forensics officer must have a technical background and practical knowledge ofcomputer forensic principles for identification and collection of digital evidence.

The basic level course for Incident Responder's track shall help the Law Enforcement Agencies gain an understanding of following subjects:

  1. Different types of cyber crimes.
  2. What is Digital evidence and analysis of digital Evidence.
  3. How to preserve the integrity of digital evidence, admissibility of digital evidence in court of law and maintaining the chain of custody.
  4. Familiarity with different operating systems and applications and file structures.
  5. Whatis digital forensics and different phases of digital forensics – Identification, Preservation, Acquisition, Authentication and Documentation, also known as IPAAD.
  6. Standard Operating Procedure for digital forensic process in Indian context.
  7. Importance of documentation and the documents to be submitted with digital evidence.
  8. Knowledge of relevant commercial and open-source digital forensics tools such as EnCase, FTK Imager etc.
  9. Usage of FTK Imager for acquisition of volatile and non-volatile digital evidence through tool demonstration and simulation.
  10. Usage of EnCase for analysis of evidence.

The cyber-crime fundamentals and handling of digital evidence is explained through case scenarios and demonstration/simulation of tools along with Standard Operating Procedures (SOP)

Estimated Effort: 8 Hours


Objective

The digital forensic domain involves forensic acquisition, analysis and reporting of digital artefacts from various digital devices such as computers, smart phones, feature phones, satellite phones, networking devices such as routers & switches, digital cameras, CCTV systems, GPS and other related devices. Digital devices can be volatile in nature and hence it is vital that the experts should know the different methods to collect volatile data. Due to different operating systems used by OEMs and manufacturer’s it is important to cover leading operating system based forensic techniques.

The objective of this course is for law enforcement agencies to gain an intermediate level knowledge of the following topics related to digital forensics:-

  1. Develop Cybercrime Awareness including Legal and Jurisdiction Issues in relation to Digital Forensics .
  2. Understand Live Data / Triaging Forensics for Laptops, Servers and Mobile Phones including overview of various Tools.
  3. Understand Random Access Memory (RAM) Analysis using Triage Tools.
  4. Insight into Windows Forensics including Registry, Data Hiding Locations, Event Log and Forensic Image Analysis.
  5. Overview of Linux & Mac Forensics including Filesystem Forensics.
  6. Understanding Mobile Forensics including various Platforms, Tools, SIM Card Data Extraction and Live Mobile Acquisition.
  7. Understanding Network Forensics including Protocol Analysis, Layer wise Analysis, Flow Analysis and Wireless Analysis.
  8. Malware Analysis and Reverse Engineering using Static, Dynamic, Code and Behavioural Analysis.
  9. Introduction to Virtual Machines and VM Forensics.
  10. Overview of Cloud Forensics including Legal Aspects.
  11. Internet of Things (IOT) Forensics including Smart Watch, Raspberry Pi and Arduino Forensics.
  12. Handling Encrypted Evidence and SOP.
  13. Collecting Artifacts of TOR Browser.

The prerequisite for this course is Digital Forensics Track – Basic Level Course.


Estimated Effort: 15 Hours

This course will be available soon for enrolment.